Your business isn’t too small or too local for hackers

NOTE: This first appeared in the March 18 issue of the Daily Herald Business Ledger

As a small or medium-sized company doing business regionally, you probably think you’re too small to have your conference system hacked by international criminals.
Or, while you’re running your weekly sales strategy conference call with your sales team, you’re probably not thinking someone outside the company could be listening to your group discuss sensitive or confidential material.
But Robert Bellmar says it’s that approach that makes small and medium-sized businesses vulnerable to hackers and corporate spies. Bellmar, senior vice president of Chicago-based conferencing services provider InterCall, notes telecom fraud is a global problem that is feeding international organized crime.
“It’s an everyday occurrence,” Bellmar said. “The conference call is the perfect place for (criminals) to continue to fraud and make money.”
Telecom fraud has become a huge problem. Losses to global businesses are around $40 billion, according to the Roseland, N.J.-based Communications Fraud Control Association, while Houston, TX, tax consultancy UNY Advisors estimates annual fraud costs in the neighborhood of $1 trillion.
As a result, telecom security has grown into a is big business, according to industry analyst Gartner Inc. Corporate spending worldwide on security in 2012 was up 8.4 percent to $60 billion, and Gartner estimates spending could reach $86 billion by 2016.
Bellmar notes there are typically two types of fraud that result from hacking conference lines. The first is called a calling card scheme, where the hacker will call a business’ conference bridge and continually enter passcodes until he finds one that works. The hacker will then sell the passcode, which is used as a calling card, only the hacked business is charged for calls.
“They make money on the transaction of the passcode,” he said.
The second type is what Bellmar calls a “classic call pumping scheme.” The criminal uses international premium rate number — similar to a 900-number in the U.S. — but that number would not be recognizable to an average business. Hackers use the business’ conference bridge to access that premium number, so charges are occurred by the business.
“It looks like a normal number, just that it gets charged at a premium rate,” he said. “So what happens is they’re making money on the number they own, but they’re generating revenue through the hacking of someone’s system.
“You can be liable for those calls, and that can rack up very fast,” Bellmar added. “It’s not that uncommon for an hour or two of usage to bring you up to $10,000 on your phone service. It can happen quite quickly.”
Bellmar said companies across the U.S. are constantly being hit by hackers, primarily from countries like Belarus and San Marino, using call centers and “war dealers” — phone systems with hundreds of dealers constantly entering sequential phone numbers.
“The scale of organized crime in this is huge. On a weekend we’ll see hundreds of simultaneous connections from fraudulent organizations trying to compromise us,” Bellmar said. “That’s call centers and war dealers shooting at our environments trying to compromise them in order to build up their base of codes they can sell.“That’s not a small organization.”
Another area of concern is corporate espionage, when a hacker breaches a conference call. Bellmar notes this issue gained notoriety in 2012 when an international conference call on corporate espionage hosted by Scotland Yard in London was hacked by the group Anonymous, who recorded the meeting and posted it on YouTube. An investigation found an officer attending the event had forwarded information to his private email, which was hacked.
“It’s a case in point that even the most security conscientious people, if they’re not making the right tool choices, are at risk,” Bellmar said.
Bellmar said business owners can take some simple steps to make their conferencing safer:
1. Use a 10-digit code that is randomly generated.
2. Don’t use a PIN number that has the last four digits of your phone number.
3. Never post conferencing details on the Internet.
4. Lock your conference once you start so no one else can join, and use your roll call function so unknown people can’t join.
5. Use visual tools to manage a call. “There are a number of apps out there that can take control of call,” Bellmar said. “You can take the call and see (on your smartphone) who is on bridge. They’re out there and they are the best way to manage your call.
Bellmar stresses that small or regional businesses are just as vulnerable as global corporations, and even more so if business owners take an approach that they could never be targets.
“For the average organization, it’s a very small problem until you’re compromised,” he said.
For more information, go to www.intercall.com.

Many Americans Abandon News Outlets, Citing Less Information

Several years ago, newspapers looked at surviving the recession by going from “excellent” to “good enough.”

Given the findings by the Pew Research Center this week, customers are noticing the drop in quality. And it goes beyond newspapers to all news organizations.

Content is an asset in the news business. It should be treated as such. Editorial cuts are deep, and the customer are noticing. 

Note to the news organizations: Editorial excellence is an investment, not a cost. Content draws readers and viewers. Readers and viewers draw advertisers. Enough said.

A123 acquisition puts a charge into Navitas Systems’ future

NOTE: This first appeared in the Feb. 18 edition of the Daily Herald Business Ledger

A recent acquisition has powered up Woodridge-based Navitas Systems’ business in a big way.
The company, formerly known as MicroSun Innovative Energy Storage Solutions, completed its $2.2 million acquisition of lithium-ion battery developer A123 Systems based in Waltham, Mass. A123, a supplier of lithium ion battery technology to commercial and consumer markets, went into bankruptcy last October and a U.S. Bankruptcy Court judge awarded the company’s defense and government businesses to Navitas Systems.
Navitas’ part of the deal includes all of A123’s government contracts, as well as a research and development facility in Ann Arbor, Mich.
Navitas Systems develops and markets large format battery and energy management systems for commercial, industrial and government agencies.
While the government contracts are a nice addition to the business, the research facility and its staff are the real diamonds in the buy, according to Samer ElShafei, Navitas co-founder and business development manager.
The equipment at the Ann Arbor facility and its workforce of about 20 Ph.D-level chemistry engineers will greatly broaden Navitas’ research in battery cell development, ElShafei said.
In addition to the Ann Arbor staff, Navitas also hired 11 engineers from a former A123 automotive and military facility in Livonia, Mich., which ElShafei said will also help the company focus on development for its commercial and industrial customers.
“Our focus will be on advanced research and development, cell technology for military and government, in addition to increasing engineering capabilities for our industrial and commercial applications,” he said.
The new division will be named Navitas Advanced Solutions Group and will be headed up by General Manager Les Alexander, a former A123 employee in Ann Arbor.
Alexander has experience in the lithium battery industry and had been an integral part of the Ann Arbor team since he was with T/J Technologies, a lithium battery technology firm which A123 Systems acquired in 2006, the company said in a release.
Navitas plans on investing up to $10 million into the division this year, ElShafei said, and will be hiring an additional 40 employees, which will almost double the company’s current 75-person staff.
A key focus for the company will be the development of safer lithium ion battery technology, ElShafei said.
He pointed to the recent issues Chicago-based Boeing Co. has had with batteries in its new 787 Dreamliner jets as an example for the need for safe, stable batteries that can be used in a commercial and industrial environment.
In Boeing’s case, its new state-of-the-art aircraft was grounded by the FAA after several incidents prompted emergency landings. Investigations are currently focused on batteries used in the jet as a cause of the incidents. “We have the capability to research and — in a year or two — develop battery technology that is nonflammable … that’s what we would consider state of the art,” he said.
The company, which was founded in 2010 as MicroSun by ElShafei and his parents, Alan and Nancie, sold off its Technology, Electronics and Asia divisions last year, retaining the Innovative Energy Storage Solutions division, which was renamed Navitas Systems.
Nancie ElShafei is the company’s CEO and owner, while Alan is chairman.
Nancie ElShafei was honored by the Daily Herald Business Ledger in its CFO of the Year program last year.
Navitas was not the only company with suburban ties benefiting from A123 Systems’ bankruptcy.
Chinese auto parts manufacturer Wanxiang Group, whose U.S. operations are based in Elgin, was awarded A123 Systems’ nongovernment assets.
Wanxiang America President Pin Ni recently told Bloomberg News that the company is interesting in helping struggling hybrid car company Fisker. A123 was a key supplier of batteries for Fisker’s $103,000 Karma rechargeable-electric car.
“They’re a customer so it will be in our best interest to support them, as a vendor or possibly in a strategic alliance,” Ni said.
He declined to say if Wanxiang America would be interested in investing in the California-based auto company.

#Nuking the competition
The DotNetNuke operating platform is getting some respect. The content management system was awarded the Critics’ Choice award in the small to medium-sized business category from CMSCritic.com. It also received the People’s Choice award in November, making it the CMS for small and medium business in 2012.
“The Critic’s Choice Awards are our selections for what we feel are the best of breed in their respective areas,” said Mike Johnston of CMS Critic in announcing the award. He said DNN was recognized for its “ease of use, support, community activity (of which there is quite a bit), available opportunity for expansion of the CMS and innovation.”
That was no surprise to Don Gingold, managing director of Naperville-based Sprocket websites, whose company focuses almost entirely on the DotNetNuke platform.
“We chose DNN as our web-building framework because of those very traits. It lets us provide small-to-medium businesses with complex websites that might otherwise be out of their reach,” Gingold said.
Sprocket is one of the organizers of the Chicago Area DotNetNuke User Group, which welcomes DotNetNuke users of all levels to its monthly meetings to share technical expertise or learn more about how DNN can work for their businesses.